The credentials were published publicly and freely available on the open internet.
Maybe the person who published them did something illegal, if they themselves did not have permission to share, but it could have also been an accident or on purpose. At most they violated an NDA, but that doesn’t have criminal consequences.
The journalist who later used them would seem like they should br in the clear.
A key under a doormat is freely available to anyone who knows to pick up the mat. Does that mean it’s automatically legal to pick up the mat, find the key, use it to open up the house, and go inside?
In that scenario how do you propose that the key under the mat is any different than if the door wasn’t locked in the first place?
What if one of the workers at the business invites you in to quietly look around? Should you still be arrested for trespassing if it turns out that specific worker didn’t have permission to invite you in?
In that scenario how do you propose that the key under the mat is any different than if the door wasn’t locked in the first place?
Surely you are joking
What if one of the workers at the business invites you in to quietly look around?
This is actually an excellent analogy. Yes, if one of the workers says hey I happen to know there’s a key at such-and-such location; don’t tell anyone I told you, and then you take it from there you an go in and look around, that to me is clearly criminal. You know you’re not supposed to be there.
The analogy of keys <-> login credentials is a pretty good one. You can make a case “hey I was just walking around, I’m allowed to walk around” and that’s reasonable, just like accessing random URLs or opening dev tools. That’s all legit. Until you encounter a locked door and overcome the locking mechanism in some fashion when you know you haven’t been given access by the owner to be there, at which point it’s clearly unauthorized access. It doesn’t matter if the lock is pretty easy to pick or the key is poorly hidden.
I mean, you can make a case hey I’m a journalist and me accessing this stuff is in the public interest. And that sounds pretty accurate in this case. I’m just saying the “he had to break in to get access to it” side of the argument sounds pretty accurate as well.
No. Trespassing is generally considered trespassing even if the door is unlocked. Your the one arguing that it makes a difference if the door is unlocked or if the door is locked by the key posted in plain sight.
As to the other point, it’s more like they were with you, or at least as close as you can be when we’re talking about internet stuff. If one of your friends in the same industry says, hay, i’d like to show you something, let yourself in, we keep the key hanging from a nail right next to the door, it would be resonable to expect you were allowed to be there.
We are talking about one journalist being invited into an another news agencies archive. This isn’t that uncommon of an occurrence, otherwise no agency would otherwise know what footage was available to license from their competitors.
No. Trespassing is generally considered trespassing even if the door is unlocked. Your the one arguing that it makes a difference if the door is unlocked or if the door is locked by the key posted in plain sight.
So… I am not a lawyer and I didn’t use any specific terminology like “trespassing.” I’m just saying how I see it and maybe I am wrong. Any sort of argument that’s based on talking about physical access with a key and crimes committed by physical access is likely to be 100% disconnected from whatever happens legally to him because of what he did electronically. I’m just sorta making a non-legal analogy about how I see it.
We are talking about one journalist being invited into an another news agencies archive. This isn’t that uncommon of an occurrence, otherwise no agency would otherwise know what footage was available to license from their competitors.
Hm… maybe.
I don’t think it’s reasonable to compare being invited to have access to an archive, to being “invited” by some sort of whistleblower to come in and see what you can find when both of you know the actual server operator wouldn’t be happy with the nature of your access.
But that’s me making some assumptions about the nature of the archive and how public the demo credentials were. A lot depends on details that weren’t really available in this one news story, and it sorta sounds like I’m assuming the details were one way and you’re assuming they were the other way, when in reality it could have been either (again just based on this one story).
People regularly post credential dumps on Pastebin, which can be publicly and freely seen, but that doesn’t make those credentials legal to use.
If the journalist had received copies of the video that someone else had downloaded, he’d be in the clear, and that other person would be on the hook.
If the credentials were posted publicly by the news site as a shared login, and the site simply didn’t realize that these videos were accessible with those credentials, he would likely prevail. Otherwise, he is likely guilty of hacking under current US laws.
The credentials were published publicly and freely available on the open internet.
Maybe the person who published them did something illegal, if they themselves did not have permission to share, but it could have also been an accident or on purpose. At most they violated an NDA, but that doesn’t have criminal consequences.
The journalist who later used them would seem like they should br in the clear.
A key under a doormat is freely available to anyone who knows to pick up the mat. Does that mean it’s automatically legal to pick up the mat, find the key, use it to open up the house, and go inside?
In that scenario how do you propose that the key under the mat is any different than if the door wasn’t locked in the first place?
What if one of the workers at the business invites you in to quietly look around? Should you still be arrested for trespassing if it turns out that specific worker didn’t have permission to invite you in?
Surely you are joking
This is actually an excellent analogy. Yes, if one of the workers says hey I happen to know there’s a key at such-and-such location; don’t tell anyone I told you, and then you take it from there you an go in and look around, that to me is clearly criminal. You know you’re not supposed to be there.
The analogy of keys <-> login credentials is a pretty good one. You can make a case “hey I was just walking around, I’m allowed to walk around” and that’s reasonable, just like accessing random URLs or opening dev tools. That’s all legit. Until you encounter a locked door and overcome the locking mechanism in some fashion when you know you haven’t been given access by the owner to be there, at which point it’s clearly unauthorized access. It doesn’t matter if the lock is pretty easy to pick or the key is poorly hidden.
I mean, you can make a case hey I’m a journalist and me accessing this stuff is in the public interest. And that sounds pretty accurate in this case. I’m just saying the “he had to break in to get access to it” side of the argument sounds pretty accurate as well.
No. Trespassing is generally considered trespassing even if the door is unlocked. Your the one arguing that it makes a difference if the door is unlocked or if the door is locked by the key posted in plain sight.
As to the other point, it’s more like they were with you, or at least as close as you can be when we’re talking about internet stuff. If one of your friends in the same industry says, hay, i’d like to show you something, let yourself in, we keep the key hanging from a nail right next to the door, it would be resonable to expect you were allowed to be there.
We are talking about one journalist being invited into an another news agencies archive. This isn’t that uncommon of an occurrence, otherwise no agency would otherwise know what footage was available to license from their competitors.
So… I am not a lawyer and I didn’t use any specific terminology like “trespassing.” I’m just saying how I see it and maybe I am wrong. Any sort of argument that’s based on talking about physical access with a key and crimes committed by physical access is likely to be 100% disconnected from whatever happens legally to him because of what he did electronically. I’m just sorta making a non-legal analogy about how I see it.
Hm… maybe.
I don’t think it’s reasonable to compare being invited to have access to an archive, to being “invited” by some sort of whistleblower to come in and see what you can find when both of you know the actual server operator wouldn’t be happy with the nature of your access.
But that’s me making some assumptions about the nature of the archive and how public the demo credentials were. A lot depends on details that weren’t really available in this one news story, and it sorta sounds like I’m assuming the details were one way and you’re assuming they were the other way, when in reality it could have been either (again just based on this one story).
People regularly post credential dumps on Pastebin, which can be publicly and freely seen, but that doesn’t make those credentials legal to use.
If the journalist had received copies of the video that someone else had downloaded, he’d be in the clear, and that other person would be on the hook.
If the credentials were posted publicly by the news site as a shared login, and the site simply didn’t realize that these videos were accessible with those credentials, he would likely prevail. Otherwise, he is likely guilty of hacking under current US laws.
Nah, if you steal a wallet because it was publicly available, that’s still a theft.
What about if someone else leaves a wallet out in public , and you look at the name before leaving it where you found it?
The metaphor doesn’t stand. In the case of FOX, you obtained information you were not supposed to. You can’t somehow put it back from your brain.